Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Save the remapped_binary path and sections to the .ini #97

Open
p-state opened this issue Aug 29, 2019 · 4 comments
Open

Save the remapped_binary path and sections to the .ini #97

p-state opened this issue Aug 29, 2019 · 4 comments

Comments

@p-state
Copy link

p-state commented Aug 29, 2019

I need to analyse one function in my binary, but I have to pass pointer to big chunk of memory as an argument. I've created additional segment in IDA and fill it with contents from file. The argument has correct pointer to created segment, but analysis fails with message [ANALYSIS] interpreter: unreachable state at address ... right after dereferencing this pointer.

Is there a better approach to solve this problem besides creating a very large .init file?
@Lastpixl
Copy link
Contributor

Lastpixl commented Aug 29, 2019
edited

Hi,

BinCAT supports for mapping chunks from the binary file that is being analyzed, by defining sections in the input file (there's an example here). The format is: section[SECTION_NAME] = VIRTUAL_ADDRESS,VIRTUAL_LENGTH,PHYSICAL_ADDR,PHYSICAL_LENGTH
VIRTUAL_ADDRESS is the address you'd like a chunk to be mapped to
PHYSICAL_ADDR is is offset of the chunk start in the binary that is being analyzed.
Both length should be equal, I don't remember why we have two parameters.

BinCAT doesn't support (yet?) mapping chunks from files other than the binary being analyzed, or a core dump file. So, a dirty hack that will probably work would be concatenating the memory chunks you want to map at the end of the binary file being analyzed.

@trou
Copy link
Collaborator

trou commented Aug 29, 2019
edited

Hello,
Another option, beside the one @Lastpixl provided: I think using the "remap binary" checkbox should work, as it produces the binary file used by the analyzer using IDA's segments data.
Could your please try this ?

@p-state
Copy link
Author

p-state commented Sep 2, 2019

@trou Oh, yes. I remember that I unchecked this option because analysis could not start after reloading IDA database:

INFO:bincat.gui:Launching the analyzer
Traceback (most recent call last):
  File "C:/Users/root/AppData/Roaming/Hex-Rays/IDA Pro/plugins\idabincat\gui.py", line 807, in launch_analysis
    or not self.s.remapped_sections):
AttributeError: 'State' object has no attribute 'remapped_sections'

It works when idb is loaded for the first time. I've fixed it by changing this line to or getattr(self.s, 'remapped_sections', None) is None, but it asks where to save remapped binary after reloading idb. I do not think this is the intended behavior.

@Lastpixl It works, thank you. I believe "remap binary" approach is more convenient.

@trou
Copy link
Collaborator

trou commented Sep 3, 2019

@hardboost thanks for the report. I've improved the situation, now the remapped sections are saved in the IDB and the configuration files has the "remap binary" option state saved.

I'm leaving this bug open for now as I want to save the remapped_binary path and sections to the .ini too.

@trou trou changed the title How to init bincat memory with contents from file? Save the remapped_binary path and sections to the .ini Nov 24, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Lastpixl @trou @p-state